VBOffice Reporter is an easy to use tool for data analysis and reporting in Outlook. A single click, for instance, allows you to see the number of hours planned for meetings the next month.

Problem: Security Alert

Since Outlook 2000 SP3 (optional) or Outlook XP respectively, some properties are blocked for security reasons, for instance the sender address of e-mails. Since Outlook 2003 even blocked properties can be read in VBA without raising the security prompt by using the instrinsic Application object. That means, in VBA there's already a variable called Application, which should be used. You don't need to create this variable. And there's the rub, even with the official VBA help file: Examples often use the functions GetObject or CreateObject to retrieve a variable for the Application object. The following examples demonstrate the difference. In order to test the examples, there must be at least one email stored in the inbox.

The first sample shows how it does not work. Instead of simply using the intrinsic Application object, the variable olApp is set to the Application object returned by the GetObject function. The effect is, the security prompt is raised as soon as you want to access the blocked SenderEmailAddress property.

Solution: No Alert

Easily avoid the security prompt: Directly set the olApp variable to the Application property, or don't use another variable for Application at all since you can work with Application itself. This makes also clear why you cannot avoid the security alert when accessing Outlook from a third party app like Word or Excel: You must use GetObject or CreateObject then. (Actually it is possible as is explained in Security Model, Part 2.)

ReplyAll alerts you before unintentionally replying all, or if you are a confidential BCC recipient of the e-mail.

Special Case Outlook 2003 and the Rule Assistent

In Outlook 2003 there's another issue you need to know: The Rule assistent passes the untrusted object reference to a script it is calling. (Since Outlook 2007 that's not the case anymore.) Thus the following sample raises an alert when called by a rule:

Public Sub Warning(NewMail As Outlook.MailItem)
MsgBox NewMail.SenderEmailAddress
End Sub

Solution: Run-a-Script Rule without the Alert

This sample works around the issue by deriving another ref on the item from the intrinsic Application object. Now you can get the address from the email without raising a security prompt.